McAfee CEO Says New Laws Are Needed To Deal With Cybercrime

from the passing-the-buck dept

McAfee CEO Dave DeWalt has been pushing politicians to create new laws to deal with cybercrime. He says cybercrime is now a bigger business than illegal drug trafficking in the US, and that the punishment doled out to cybercriminals isn't an effective deterrent. He may have a valid point there, but new laws and sentencing guidelines don't seem to be the most effective potential tool against computer crimes -- particularly when much of this crime comes from overseas, where being caught and punished by a remote government isn't likely to stop many criminals. DeWalt says that the technical side of security is "pretty advanced", and that government is lagging. But if things really were so rosy in the computer security business, it doesn't seem like there would be much of a need for new laws. He mentions malware and phishing, two areas where he says new laws could help -- but both of these represent areas where security vendors could show some improvements too. Traditional methods, like blacklists, seem to be flagging, so some fresh thinking and innovation in the industry, not just a bunch of new laws, would be beneficial. There are some areas, though, where some stronger deterrents might be useful, such as in getting businesses and government to take the security of personal information more seriously.

Everytime the politicians try to legislate the internet they manage to screw it up real well. On the other hand, when existing laws are applied to internet issues it often turns out well. I cannot think of anything illegal that goes on online that cannot be covered by existing laws. I am waiting for the first bot wrangler that gets prosecuted for tresspassing.

I am aware that there is a major difference in scale. A dumpster diver will only obtain a couple dozen credit card numbers for each attampt where an online data thief will obtain thousands. No problem, each number needs to be a separate count. 1000 30 day sentences is a loing time in jail.

McAfee

Maybe instead of worrying about PR, the McAfee people ought to be worrying about developing a product that works.
A company that fails more than 50% of their vb100 tests doesn't really have much room to talk about any kind of computer security.

Sounds like a PR stunt...

The CEO of McAfee wants to push for new laws eh? If McAfee itself were so effective he wouldn't have to ask the government for help now would he. This is just a another coporation trying to get cozy with the government for a little back scratching action.

McAfee - start using Unix

The 'virus' just take advantage of design flaws in Microsoft.
We have had a few 'virus'/worms/vulnerabilities on unix since 1970's. And Unix still can, if the person does BAD things like setuid programs. In 1984 it was clearly stated to NEVER write a email program that would directly execute code, and this was on Unix (a multi-user, non-root default) system.

On Windows it is _EXTREMELY_ dangerous, since most home users are setup as administrators also (Generally a bad idea). At least if it only installed as a user on a unix system, only the user was compromised, and with basic firewall setup the system is still safe.

McAfee has a vested interest in continuing on Microsoft since they have bugs to work on protecting, so more virus' can come, so they can sell more 'virus' protection software.

you have the equivalency of a hand full of people versus a few hundred people for the security software creation. of course innovation is going to be lacking they're way to busy just trying to play keep up.

the main advantage that security companies have over mal-ware and other junk is that people want their system on their systems.

also linux and mac can claim to be nice and safe, but the fact remains that there are always bugs and that most a good deal of attacks are social engineering... and if they were as popular you'd have the same people falling for it.

Re:

also linux and mac can claim to be nice and safe, but the fact remains that there are always bugs and that most a good deal of attacks are social engineering... and if they were as popular you'd have the same people falling for it.

Precisely. Most linux, apple, whatever non-Microsoft OS users don't take that into account. They go on and on about how their "obscure" and "nonconformist" OS is so well pretected from attacks. What they fail to realize is that the attackers know that for the most part OSs by MS are still the most widely used. If the tables turned and MS OSs became obsure and linux became the big dog then the attackers would just refocus on linux.

It's not that other OSs are super secure its just that the attackers think its not worth it to attack other OSs for the most part.

COMPUTER CRIME

I FULLY AGREE THAT THINGS COULD BE DONE TO MAKE USING THE INTERNET MUCH MORE SECURE. I BELIEVE CORPORATIONS ARE JUST LAZY AND REALLY DON'T GIVE A DAMM UNLESS IT HURTS THEIR BOTTOM LINE. WHEN THE LAW MAKERS START STANDING UP FOR PEOPLE INSTEAD OF BEING SO CONCERNED HOW MUCH DOUGH THEY MAY LOOSE FROM SOME UNCONCERNED CONTRIBUTERS THEN WE WILL ALL SEE CHANGES. FAT CHANCE ON THAT ONE. WE HAVE A BETTER CHANCE OF JUMPING HARD ON A TRAMPOLINE AND LANDING ON THE MOON. BEST REGARDS BRADLEY STEWART

16 Million already....

America has already imprisoned over 16 million of its own citizens. This makes the US number 1 in the world for incarceration beating out China at 15 million with almost 6 times the population!

I don't know if it is wise to create new laws to lockup people without addressing our already failing legal system. Not to mention we have completely failed to update laws in accordance with the information revolution.

Append existing laws

Not new laws is what we need - just append existing ones.
Make hacking into someones computer a felony - just like breaking and entering.
Just apply a little common sense and name things by their name - not pretend there would be a gray area.

For the Unix/Mac suggestion - as already stated - that's wishful thinking. The moment Unix/Mac are representing a significant marketshare, they will be target. It's ecomomy 1:1 - not a more or less secure OS. ANYTHING can be cracked, hacked or manipulated. Enough proof out there in every area of our life. So get a grip and get real.